ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Coldfusion: Encrypting and Decrypting Data

Updated on October 14, 2012

Sometimes it is necessary and/or standard procedures to encrypt data when storing in a database from online forms. A quick example that come to my mind, that I have encrypted would be passwords. As a developer, you should find it necessary to encrypt confidential data in databases. Just because you have the standard SSL for https encyrption of information flowing from browser to server, you should still have it in policy to encrypt the data stored on the server. Now, there is some data that just should NOT be stored in any database, SSN and Credit Card numbers come to mind.

I use Adobe Coldfusion as my development platform for all my web applications. Utlizing it's encryption functionality is a must. What encrypt does is, takes a string of text, and using a specific algorithm and encoding method, encrypts it. Likewise, decrypt takes that encrypted string and decrypts it back to the original string, keeping the data secure on the server.


First, I set some parameters to use with the process. These paramets could be stored in the application.cfm file, or on the actual page used. For more information on the parameters used and the options for each, please visit

<cfparam name="MyKey" default="JC2HI71J8UR548CSDD1SDSDJ455LN9P">
<cfparam name="myAlgorithm" default="CFMX_COMPAT">
<cfparam name="myEncoding" default="Base64">

Encryption and Decryption Sample Code:

Below is the sample code for using the parameters above with the field that is submitted from the HTML form. This sample reflects both the encryption and decryption syntax.

      /* GenerateSecretKey does not generate key for the CFMX_COMPAT algorithm,
        so use the key from the form.
      if (myAlgorithm EQ "CFMX_COMPAT")
      // For all other encryption techniques, generate a secret key.
      //Encrypt the string
      encrypted=encrypt(myString, theKey, myAlgorithm,
      //Decrypt it
      decrypted=decrypt(encrypted, theKey, myAlgorithm, myEncoding);

HTML Sample:

Below is just a single form field, being used as the sample to pass the string to the routine above.

<cfform action="?testit=yes" method="post">
TEXT: <cfinput type="text" name="mystring" size="20" maxlength="20">
<input type="submit" value="Submit">

Output Results

below is a basic <cfoutput> with the output results from the encryption and decryption routine above.

MyString: #mystring#
Encrypted: #encrypted#
Decrypted: #decrypted#
Click to Rate This Article